SQL injection vulnerability in Gender MOD 1.1.3 allows remote attackers to gain administrative access via the user_level parameter in the User Profile page.Referenceshttp://www.securityfocus.com/bid/5342http://online.securityfocus.com/archive/1/284691http://www.iss.net/security_center/static/9692.php
